- Products
- Learn
- Local User Groups
- Partners
- More
The State of Ransomware Q1 2026
Key Trends and Their Impact
Good, Better, Best:
Prioritizing Defenses Against Credential Abuse
AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
Put it this way...there is literally nothing for CP firewall to inspect (or any fw for that matter) if hosts are on the same subnet. As @Lloyd_Braun said, if its layer 2, then its more of a switch, not exactly a typical firewall. For firewall to do proper inspection, it would need to function on layer 3. As far as your question about the inspection if traffic does not pass through it, well, there is nothing to isnpect in that instance. Btw, its important to note it also depends how you configure threat prevention blades, because if its in monitor mode, those protections wont really be active in such instance.
Best,
Andy
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
